DXR is a code search and navigation tool aimed at making sense of large projects. It supports full-text and regex searches as well as structural queries.

Mercurial (27a812186ff4)

VCS Links

Line Code
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/* 
 * this file maps PKCS11 Errors into SECErrors
 *  This is an information reducing process, since most errors are reflected
 *  back to the user (the user doesn't care about invalid flags, or active
 *  operations). If any of these errors need more detail in the upper layers
 *  which call PK11 library functions, we can add more SEC_ERROR_XXX functions
 *  and change there mappings here.
 *
 *  Some PKCS11 errors are mapped to SEC_ERROR_LIBRARY_FAILURE intentionally
 *  because they indicate that there is a bug in the library (either NSS or
 *  the token).
 */
#include "pkcs11t.h"
#include "pk11func.h"
#include "secerr.h"
#include "prerror.h"

#ifdef PK11_ERROR_USE_ARRAY 

/*
 * build a static array of entries...
 */
static struct {
	CK_RV pk11_error;
	int   sec_error;
} pk11_error_map = {
#define MAPERROR(x,y) {x, y},

#else

/* the default is to use a big switch statement */
int
PK11_MapError(CK_RV rv) {

	switch (rv) {
#define MAPERROR(x,y) case x: return y;

#endif

/* the guts mapping */
	MAPERROR(CKR_OK, 0)
	MAPERROR(CKR_CANCEL, SEC_ERROR_IO)
	MAPERROR(CKR_HOST_MEMORY, SEC_ERROR_NO_MEMORY)
	MAPERROR(CKR_SLOT_ID_INVALID, SEC_ERROR_BAD_DATA)
	MAPERROR(CKR_ARGUMENTS_BAD, SEC_ERROR_INVALID_ARGS)
	MAPERROR(CKR_ATTRIBUTE_READ_ONLY, SEC_ERROR_READ_ONLY)
	MAPERROR(CKR_ATTRIBUTE_SENSITIVE, SEC_ERROR_IO) /* XX SENSITIVE */
	MAPERROR(CKR_ATTRIBUTE_TYPE_INVALID, SEC_ERROR_BAD_DATA)
	MAPERROR(CKR_ATTRIBUTE_VALUE_INVALID, SEC_ERROR_BAD_DATA)
	MAPERROR(CKR_BUFFER_TOO_SMALL, SEC_ERROR_OUTPUT_LEN)
	MAPERROR(CKR_DATA_INVALID, SEC_ERROR_BAD_DATA)
	MAPERROR(CKR_DATA_LEN_RANGE, SEC_ERROR_INPUT_LEN)
	MAPERROR(CKR_DEVICE_ERROR, SEC_ERROR_PKCS11_DEVICE_ERROR)
	MAPERROR(CKR_DEVICE_MEMORY, SEC_ERROR_NO_MEMORY)
	MAPERROR(CKR_DEVICE_REMOVED, SEC_ERROR_NO_TOKEN)
	MAPERROR(CKR_DOMAIN_PARAMS_INVALID, SEC_ERROR_INVALID_KEY)
	MAPERROR(CKR_ENCRYPTED_DATA_INVALID, SEC_ERROR_BAD_DATA)
	MAPERROR(CKR_ENCRYPTED_DATA_LEN_RANGE, SEC_ERROR_BAD_DATA)
	MAPERROR(CKR_FUNCTION_CANCELED, SEC_ERROR_LIBRARY_FAILURE)
	MAPERROR(CKR_FUNCTION_FAILED, SEC_ERROR_PKCS11_FUNCTION_FAILED)
	MAPERROR(CKR_FUNCTION_NOT_PARALLEL, SEC_ERROR_LIBRARY_FAILURE)
	MAPERROR(CKR_FUNCTION_NOT_SUPPORTED, PR_NOT_IMPLEMENTED_ERROR)
	MAPERROR(CKR_GENERAL_ERROR, SEC_ERROR_PKCS11_GENERAL_ERROR)
	MAPERROR(CKR_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY)
	MAPERROR(CKR_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY)
	MAPERROR(CKR_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY)
	MAPERROR(CKR_MECHANISM_INVALID, SEC_ERROR_INVALID_ALGORITHM)
	MAPERROR(CKR_MECHANISM_PARAM_INVALID, SEC_ERROR_BAD_DATA)
	MAPERROR(CKR_NO_EVENT, SEC_ERROR_NO_EVENT)
	MAPERROR(CKR_OBJECT_HANDLE_INVALID, SEC_ERROR_BAD_DATA)
	MAPERROR(CKR_OPERATION_ACTIVE, SEC_ERROR_LIBRARY_FAILURE)
	MAPERROR(CKR_OPERATION_NOT_INITIALIZED,SEC_ERROR_LIBRARY_FAILURE )
	MAPERROR(CKR_PIN_INCORRECT, SEC_ERROR_BAD_PASSWORD)
	MAPERROR(CKR_PIN_INVALID, SEC_ERROR_INVALID_PASSWORD)
	MAPERROR(CKR_PIN_LEN_RANGE, SEC_ERROR_INVALID_PASSWORD)
	MAPERROR(CKR_PIN_EXPIRED, SEC_ERROR_EXPIRED_PASSWORD)
	MAPERROR(CKR_PIN_LOCKED, SEC_ERROR_LOCKED_PASSWORD)
	MAPERROR(CKR_SESSION_CLOSED, SEC_ERROR_LIBRARY_FAILURE)
	MAPERROR(CKR_SESSION_COUNT, SEC_ERROR_NO_MEMORY) /* XXXX? */
	MAPERROR(CKR_SESSION_HANDLE_INVALID, SEC_ERROR_BAD_DATA)
	MAPERROR(CKR_SESSION_PARALLEL_NOT_SUPPORTED, SEC_ERROR_LIBRARY_FAILURE)
	MAPERROR(CKR_SESSION_READ_ONLY, SEC_ERROR_READ_ONLY)
	MAPERROR(CKR_SIGNATURE_INVALID, SEC_ERROR_BAD_SIGNATURE)
	MAPERROR(CKR_SIGNATURE_LEN_RANGE, SEC_ERROR_BAD_SIGNATURE)
	MAPERROR(CKR_TEMPLATE_INCOMPLETE, SEC_ERROR_BAD_DATA)
	MAPERROR(CKR_TEMPLATE_INCONSISTENT, SEC_ERROR_BAD_DATA)
	MAPERROR(CKR_TOKEN_NOT_PRESENT, SEC_ERROR_NO_TOKEN)
	MAPERROR(CKR_TOKEN_NOT_RECOGNIZED, SEC_ERROR_IO)
	MAPERROR(CKR_TOKEN_WRITE_PROTECTED, SEC_ERROR_READ_ONLY)
	MAPERROR(CKR_UNWRAPPING_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY)
	MAPERROR(CKR_UNWRAPPING_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY)
	MAPERROR(CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY)
	MAPERROR(CKR_USER_ALREADY_LOGGED_IN, 0)
	MAPERROR(CKR_USER_NOT_LOGGED_IN, SEC_ERROR_TOKEN_NOT_LOGGED_IN)
	MAPERROR(CKR_USER_PIN_NOT_INITIALIZED, SEC_ERROR_NO_TOKEN)
	MAPERROR(CKR_USER_TYPE_INVALID, SEC_ERROR_LIBRARY_FAILURE)
	MAPERROR(CKR_WRAPPED_KEY_INVALID, SEC_ERROR_INVALID_KEY)
	MAPERROR(CKR_WRAPPED_KEY_LEN_RANGE, SEC_ERROR_INVALID_KEY)
	MAPERROR(CKR_WRAPPING_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY)
	MAPERROR(CKR_WRAPPING_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY)
	MAPERROR(CKR_WRAPPING_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY)
	MAPERROR(CKR_VENDOR_DEFINED, SEC_ERROR_LIBRARY_FAILURE)
	MAPERROR(CKR_NETSCAPE_CERTDB_FAILED, SEC_ERROR_BAD_DATABASE)
	MAPERROR(CKR_NETSCAPE_KEYDB_FAILED, SEC_ERROR_BAD_DATABASE)
	MAPERROR(CKR_CANT_LOCK, SEC_ERROR_INCOMPATIBLE_PKCS11)

#ifdef PK11_ERROR_USE_ARRAY 
};

int
PK11_MapError(CK_RV rv) {
    int size = sizeof(pk11_error_map)/sizeof(pk11_error_map[0]);

    for (i=0; i < size; i++) {
	if (pk11_error_map[i].pk11_error == rv) {
	    return pk11_error_map[i].sec_error;
	}
    }
    return SEC_ERROR_UNKNOWN_PKCS11_ERROR;
 }


#else

    default:
	break;
    }
    return SEC_ERROR_UNKNOWN_PKCS11_ERROR;
}


#endif